
TrustGrid Traffic Behind FMC/FTD Network | What Sort of Rules Needed?

TrivialPants
Level 1

Hi All,

We are working with a vendor to set up a TrustGrid appliance. We have an FTD pair in HA mode that is managed via FMC. 

We are migrating the vendor's current network from an existing IPSec tunnel to the TrustGrid appliance-based firewall.

The networks will remain the same, except we will have a new subnet that the TrustGrid will live on behind our LAN, behind the Firewall. 

The procedure is to add a static route for the vendor's protected network to go to the VIP of the TrustGrid device. 

We attempted this, but failed. 

Now we are thinking there is something needed on the firewall to allow traffic despite it being tunneled through & the TrustGrid devices being allowed out. 

We have existing rules from the IPSec to allow the trusted vendor networks to talk to our networks, but they are for source of the 'Outside' interface to the destination of our 'Inside' interfaces.

Does this need to be changed for 'Inside' to 'Inside' since we are all on the 'Inside' of our LAN now as the TrustGrid device is behind our LAN?

Just trying to wrap our heads around the change!

Thanks for any help!
